Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Google Addresses WiFi Privacy Snafu with Encrypted Search

Google May 21 began adding SSL (Secure Sockets Layer) encryption for its search engine, a direct response to the company's accidental collection of users' personal information in countries all over the world. When users search from the URL https://www.google.com, the SSL creates an encrypted connection between the user's browser and Google to better shield users' search terms and search results pages from being intercepted by a third party, including an errant drive-by from Street View cars roving their neighborhood to capture pictures for Google Maps.

Google May 21 began adding SSL (Secure Sockets Layer) encryption for its search engine, a direct response to the company's accidental collection of users' personal information in countries all over the world.

The search engine May 16 admitted that its Street View cars that patrol city streets to record images had unknowingly collected users' payload data from unsecured WiFi networks. This included e-mail, passwords and browsing information.

Further reading

When users search from the URL https://www.google.com, the SSL creates an encrypted connection between the user's browser and Google to better shield users' search terms and search results pages from being intercepted by a third party, including an errant drive-by from Street View cars roving their neighborhood to capture pictures for Google Maps.

The service features this modified logo to show users that they are searching using SSL. Roseman noted that SSL for Google search is rolling out to beta because it only covers the core search engine.

Indeed, a quick query on the Google SSL search domain displayed none of the usual topic tabs at the top, such as Google Maps, Image Search and shopping, which don't support SSL. Should users click on any of the Web results for unsupported services linked to Google Images, they will likely be taken out of SSL mode, Roseman said.

Moreover, he said there might be a lag time for search results because SSL connections require additional time to set up the encryption between the browser and the remote Web server.

Google has long offered SSL for Gmail, Google Docs and other services, but most users aren't Web- or security-savvy enough to know about them or why they might want to elect to turn them on to better protect their data.

Privacy advocates have been calling for Google to SSL-enable its search for years; the WiFi privacy gaffe accelerated Google's plans to offer SSL for search.

SSL for search may be a small consideration for countries affected by Google's WiFi debacle, known in the media by privacy watchdogs as WiSpy. But it's not a long enough olive branch that will silence the complaints.

Governments overseas are hammering Google hard for this misstep, which will lend muscle to arguments that Google should be regulated. U.S. regulators have yet to formally complain, but it's quite possible the FTC or Justice Department may scrutinize the issue.

This isn't the first time Google has turned to SSL as a default security setting as a reaction to a security and privacy breach.

The company turned on HTTPS as the primary setting for Gmail one day after revealing that the Gmail accounts of users had been accessed in a Chinese cyber-attack.